Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS design clarification

Hi Giles,

My current network is as follows

CSS 1----? PIX 1 -----? LAYER 3 SWITCH ---? SERVER FARM 1

| | |

| | |

CSS 2---? PIX 2 ------? LAYER 3 SWITCH ----? SERVER FARM 2

Objective – Have CSS 1 load balance the server farm 1 and have CSS 2 load balance server farm 2. Incase the CSS 1 fails then the CSS 2 will balance server farm 1 and if CSS 2 fails then CSS 1 load balances server farm 2.

CSS 1 and CSS 2 will be connected via the IP address 10.1.1.1 and 10.1.1.2. The VIP address for server farm 1 is 20.1.1.1 and the VIP for server farm 2 is 30.1.1.1. The server farm 1 has the address 20.1.1.x and server farm 2 has the 30.1.1.x.

Our solution is as follows

We will configure “Active-Active VIP and Virtual Interface Redundancy” such that the CSS 1 will act as the master for the server farm 1 and slave for server farm 2. CSS 2 will act as the master for the server farm 2 and slave for server farm 1. In this way we get the CSS redundancy. Now incase the PIX 1 goes down then the CSS will see that none of the services are reachable but will not know that the PIX has gone down. For this we will configure the scripted keepalive with a ping list that will check the health of the PIX by pinging its outside interface. If the ping fails then the CSS will fail over to the backup CSS which will route traffic via the PIX 2. We will also run OSPF through the network so that the return traffic from the servers understand that links not directly attached to them are down and hence route them via the correct links. We will advertise the VIP addresses as R1 routes so that the cost is also considered so as to differentiate between the primary and backup path.

We will also configure the add destination service command so that the servers will always send the traffic back to the VIP address

Our request to you is if you could identify if there are any issues that could arise within this network which we are unaware off and help us with this.

Thanks,

Sushil

2 REPLIES
New Member

Re: CSS design clarification

CSS 1----? PIX 1 -----? LAYER 3 SWITCH ---? SERVER FARM 1

| | |

| | |

CSS 2---? PIX 2 ------? LAYER 3 SWITCH ----? SERVER FARM 2

New Member

Re: CSS design clarification

Please check the attachment for clarity on the diagram.

Regards,

Sushil

104
Views
0
Helpful
2
Replies